Q1. (Topic 6)
You have a hybrid deployment of Exchange Server 2013 and Office 365.
The mail flow between Office 365 and the on-premises Exchange Server environment is
routed through an Exchange Server 2010 Edge Transport server.
Your company is assigned a new set of public IP addresses.
A network administrator updates the external firewall address and all of the associated
DNS records.
Office 365 users report that they cannot receive email messages from on-premises users.
You discover that outgoing email messages to Office 365 are in the Office 365 SMTP
queue on an Edge server.
You need to ensure that the on-premises users can send email messages successfully to
the Office 365 users.
Which tool should you use?
A. The Exchange Management Console
B. The Exchange Control Panel in Office 365
C. The Exchange Admin Center
D. The Exchange Remote Connectivity Analyzer
Answer: C
Explanation:
Note:
* The section describes the user interface elements that are common across the EAC (Exchange Admin Center).
* Check the mail flow setting.
Reference: Managing Directory Based Edge Blocking (DBEB) feature in Exchange Online Protection (EOP)
Q2. DRAG DROP - (Topic 6)
You have a server that has Exchange Server 2013 installed.
You plan to deploy Unified Messaging (UM) to all users.
You have two UM IP gateways named GW1 and GW2.
You create, and then associate a new UM dial plan for each IP gateway. The IP gateways
are configured as shown in the following table.
You need to recommend a solution that meets the following security requirements:
All voice traffic received by GW1 must be encrypted.
All voice traffic received by GW2 must be unencrypted.
All signaling traffic to GW1 and GW2 must be encrypted.
Which security settings should you recommend configuring for each dial plan?
To answer, drag the appropriate security setting to the correct UM dial plan in the answer area. Each security setting may be used once, more than once, or not at all. Additionally, you may need to drag the split bar between panes or scroll to view content.
Answer:
Q3. (Topic 6)
You have an Exchange Server organization that contains Exchange Server 2010 servers and Exchange Server 2013 servers. You have a Microsoft Lync Server 2010 environment that is integrated with Unified Messaging (UM) services.
You have an Exchange Server 2010 server named EX1 that has the Unified Messaging server role installed.
You are migrating the UM services to Exchange Server 2013.
You need to prevent EX1 from providing call answering services during the migration.
What should you modify?
A. the UM mailbox policies
B. the UM auto attendants
C. the UM dial plans
D. the UM hunt groups
Answer: C
Q4. (Topic 6)
You have an Exchange Server 2013 organization.
A member of the legal department reports that Information Rights Management (IRM)-protected messages are included in the results when performing an In-Place eDiscovery search.
You need to ensure that the IRM-protected messages are excluded from the results.
What should you do?
A. From the Exchange Admin Center, modify the permissions of the discovery mailbox.
B. From Windows PowerShell, run the Set-MailboxSearch cmdlet.
C. From the Exchange Admin Center, run the In-Place eDiscovery & Hold wizard.
D. From Windows PowerShell, run the Set-IRMConfiguration cmdlet.
Answer: D
Explanation:
See Note below.
Use the Shell to configure IRM for Exchange Search
This example configures IRM to allow Exchange Search to index IRM-protected messages.
Set-IRMConfiguration -SearchEnabled $true
Note: By default, the SearchEnabled parameter is set to $true. To disable indexing of IRM-
protected messages, set it to $false. Disabling indexing of IRM-protected messages
prevents them from being returned in search results when users search their mailbox or
when discovery managers use In-Place eDiscovery.
Reference: Configure IRM for Exchange Search and In-Place eDiscovery
https://technet.microsoft.com/en-us/library/gg588319(v=exchg.150).aspx
Q5. (Topic 6)
You have an Exchange Server 2013 organization that contains one Client Access server named EX1 and one Mailbox server named EX2.
You have a perimeter network and an internal network. The perimeter network contains an Edge Transport server named EX3 that has Exchange Server 2010 installed.
You need to ensure that all of the email messages sent to and received from the Internet are routed through the EX3. Which three actions should you perform? (Each correct answer presents part of the solution. Choose three.)
A. Allow SMTP traffic between EX3 and EX2.
B. Create an Edge Subscription.
C. Allow traffic over TCP 50636 from EX1 to EX3.
D. Allow SMTP traffic between EX3 and EX1.
E. Allow traffic over TCP 50636 from EX2 to EX3.
F. Modify the default Receive connector on EX2.
Answer: A,B,E
Explanation:
To establish Internet mail through an Edge Transport server, subscribe the Edge Transport server to an Active Directory site. This automatically creates the two Send connectors required for Internet mail flow:
. A Send connector configured to send outbound email to all Internet domains.
. A Send connector configured to send inbound email from the Edge Transport
server to an Exchange 2013 Mailbox server.
SMTP traffic and ports TCP 50636 must be allowed between the mailbox server (routing service) and the Edge server.
Q6. (Topic 6)
You have an Exchange Server 2013 organization that contains the servers configured as shown in the following table.
All of the Exchange servers run Windows Server 2012 R2 and are members of a database
availability group (DAG) named DAG1. Each server has a copy of all the mailbox databases.
DAG1 is configured to have a cluster administrative access point. The file share witness is located in Site A.
You need to identify the maximum number of Mailbox servers that can fail simultaneously without affecting the mailbox access of the users.
How many servers should you identify?
A. 2
B. 3
C. 4
D. 5
Answer: C
Explanation:
Example: Quorum requires a majority of voters to be able to communicate with each other. Consider a DAG that has four members. Because this DAG has an even number of members, an external witness server is used to provide one of the cluster members with a fifth, tie-breaking vote. To maintain a majority of voters (and therefore quorum), at least three voters must be able to communicate with each other. At any time, a maximum of two voters can be offline without disrupting service and data access. If three or more voters are offline, the DAG loses quorum, and service and data access will be disrupted until you resolve the problem.
Reference: Database availability groups
https://technet.microsoft.com/en-us/library/dd979799%28v=exchg.150%29.aspx
Q7. (Topic 6)
You have an Exchange Server 2013 organization that is integrated with Information Rights Management (IRM).
A user is unable to create and read IRM-protected messages from a mobile device. The user can open IRM- protected messages *missing text*.
You need to identify the most likely cause of the issue.
What should you identify?
A. the value of DevicePasswordEnabled of a mobile device policy
B. the value of AllowNonProvisionableDevices of a mobile device policy
C. the Exchange ActiveSync protocol version
D. the value of RequireDeviceEncryption of a mobile device policy
Answer: D
Explanation:
Mobile IRM protection in Exchange 2013 When you set the RequireDeviceEncryption parameter to $true, mobile devices that don't support device encryption will be unable to connect.
Note: Using IRM in Exchange ActiveSync, mobile device users can:
* Create IRM-protected messages.
* Read IRM-protected messages.
* Reply to and forward IRM-protected messages.
Reference: Information Rights Management in Exchange ActiveSync
https://technet.microsoft.com/en-us/library/ff657743(v=exchg.150).aspx
Q8. (Topic 6)
You have a server named Server1 that has Exchange Server 2013 installed.
Users access their mailbox by using Microsoft Outlook 2010 and Outlook Web App.
You enable auditing for all of the mailboxes.
You need to identify when a mailbox is accessed by someone other than the owner of the mailbox.
What are two possible ways to achieve this goal? (Each correct answer presents a complete solution. Choose two.)
A. Export the administrator audit log.
B. Run an administrator role group report.
C. Export the mailbox audit log.
D. Run a non-owner mailbox access report.
E. Review the security event log.
Answer: C,D
Explanation:
C: Use the Auditing tab to run reports or export entries from the mailbox audit log and the
administrator audit log.
/ The mailbox audit log records whenever a mailbox is accessed by someone other than
the person who owns the mailbox. This can help you determine who has accessed a
mailbox and what they have done.
/ The administrator audit log records any action, based on a Windows PowerShell cmdlet,
performed by an administrator. This can help you troubleshoot configuration issues or
identify the cause of security- or compliance-related problems.
D: Run a Non-Owner Mailbox Access Report
Use this report to find mailboxes that have been accessed by someone other than the
person who owns the mailbox.
Q9. DRAG DROP - (Topic 6)
You have an Exchange Server organization named adatum.com. The organization contains servers that have Exchange Server 2010 and Exchange Server 2013 installed.
The company executives require that all email messages remain stored for three years.
You create two retention tags named Ret1 and Ret2. Ret1 moves the email messages to an Archive mailbox after one year. Ret2 permanently deletes the email messages after three years.
You need to meet the company executives' requirements. The solution must ensure that all email messages that are older than two years are removed as quickly as possible.
Which three actions should you perform in sequence? (To answer, move the appropriate three actions from the list of actions to the answer area and arrange them in the correct order.)
Answer:
Q10. (Topic 6)
You have an Exchange Server 2013 organization.
All users are issued certificates from an internal certification authority (CA).
Users who have a laptop can access their mailbox from the Internet by using Outlook Anywhere.
When the users attempt to view or to create digitally signed email messages while they are connected to the Internet, the users receive a warning message.
When the users use their laptop on the internal network, the users do not receive a warning message.
You need to ensure that the users can send and receive digitally signed email messages without receiving a warning message.
What should you do?
A. Publish the root certificate of the CA to a server that is accessible from the Internet.
B. Publish the certificate revocation list (CRL) to a server that is accessible from the Internet.
C. Install a trusted root CA certificate on all Client Access servers.
D. Install a trusted root CA certificate on all of the laptops.
Answer: B
Explanation:
It works inside the network. Therefore the CA is trusted. Without access to the CRL, you’ll get an error saying A revocation check could not be performed for the certificate.